[SOLVED] Email Help

[shasta]

Hi, I'm new to php and I'm trying to make a contact page for a website i'm working on. I have it working right now and it sends the name, email, and message, but I would like to add an input for the user's phone number to be sent in the body of the message. I have tried a few things but always fail. The help would be greatly appreciated.

 

Here is the code:

 

<?php

// Define your email address - where to send messages - here

define("MAIL_TARGET","info@selfstoragecentersofamerica.com, pikeymylove@yahoo.com");

 

// Here you can redefine error messages

define("errorName","Invalid name! It must be at least 3 characters long.");

define("errorEmail","Invalid email address!");

define("errorMsg","Invalid message! It must be at least 10 characters long.");

 

function createForm($name="",$email="",$phone="",$message="",$error1="",$error2="",$error3=""){

?>

  <div id="caption"><img src="images/ContactInfo.png" width="48" height="48" alt="Contact Us" />Suggestions, questions, submissions here.<br /><br />

  <span class="rlabel">All fields required.</span> Use a valid name and email address or your message may be deleted as spam.</div>

      <form class="cform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

          <span class="label">Name: </span><span class="error"><?php echo $error1; ?></span><br />

          <input class="text" type="text" name="name" value="<?php echo $name; ?>" /><br /><br />

 

          <span class="label">Email:</span><span class="error"><?php echo $error2; ?></span><br />

          <input class="text" type="text" name="email" value="<?php echo $email; ?>" /><br /><br />

 

          <span class="label">Message:</span><span class="error"><?php echo $error3; ?></span><br />

          <textarea cols="40" rows="6" name="message"><?php echo $message; ?></textarea><br />

 

          <input class="mbutton" type="submit" name="submitBtn" value="" />

      </form>

<?php

}

 

function isValidEmail($email){

  $pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";

   

  if (eregi($pattern, $email)){

      return true;

  }

  else {

      return false;

  } 

}

 

function sendMail($name,$email,$message){

   

    $subject = "Message from Self Storage Centers of America Online";

    $from    = "From: $name <$email>\r\nReply-To: $email\r\n";

    $header  = "MIME-Version: 1.0\r\n"."Content-type: text/html; charset=iso-8859-1\r\n";

$content = htmlspecialchars($message);

   

    $content = wordwrap($content,70);

    mail(MAIL_TARGET,$subject,$content,$from.$header);

 

}

?>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<title>Self Storage Centers of America - Contact Us</title>

<link rel="shortcut icon" href="favicon.ico" />

<meta name="verify-v1" content="X/S8QSefsEYzDf/O4GJZvK9IRw2tgg1ldG/Pb+rL4xs=" />

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />

<link rel="stylesheet" type="text/css" href="styleindex.css" />

<style type="text/css">

/*<![CDATA[*/

#contactd{

float:left;

min-height:150px;

background:#fff;

font-family:Arial,Helvetica,sans-serif;

font-weight:bold;

font-size:14px

}

.cform{

margin-left:10px;

padding:5px;

margin-bottom:10px

}

#caption{

height:60px;

font-family:Arial,Helvetica,sans-serif;

font-weight:bold;

font-size:14px;

color:#000;

margin:10px

}

#caption img{

vertical-align:middle;

float:left;

padding-right:10px

}

#result {

height:50px;

font-weight:bold;

font-size:14px;

margin-left:10px;

margin-top:40px;

padding:5px

}

#result img{vertical-align:middle}

.label{color:#000}

.rlabel{

font-family:Arial,Helvetica,sans-serif;

font-weight:bold;

font-size:14px;

color:#F00

}

.error{

font-family:Arial,Helvetica,sans-serif;

font-size:14px;

color:#F00;

padding:10px

}

.text{

color:#000;

background-color:#ddd;

border:1px solid #F00

}

input{width:200px}

textarea{

width:500px;

height:220px;

color:#000;

background-color:#ddd;

border:1px solid #f00

}

.mbutton{

background:transparent url(images/ContactSend.png) no-repeat 0 0;

border:0px;

width:105px;

height:33px;

margin:0;

padding:0;

cursor:pointer

}

.mbutton:hover,.mbutton:active{background:url(images/ContactSend.png) no-repeat 0 -33px}

/*]]>*/

</style>

</head>

<body>

<div id="page">

<!-- Left Column -->

<div id="leftcol"><?php include("sidemenux.html"); ?></div>

<div id="rightcol"></div>

<!--Header-->

<div id="buildingpic"><a href="index.html"></a></div>

<div id="maincol"><h1>Contact Us</h1></div>

<!--Header End-->

<div id="shader"></div>

<div id="maincontent">

<!--START Content-->

<div id="contactd">

<?php if (!isset($_POST['submitBtn']))  {

    createForm();

} else  {

      $name    = isset($_POST['name']) ? $_POST['name'] : "";

      $email  = isset($_POST['email']) ? $_POST['email'] : "";

      $message = isset($_POST['message']) ? $_POST['message'] : "";

     

      $error = false;

     

      if (strlen($name)<3) {

          $error = true;

          $error1 = errorName;

      }

      if (!isValidEmail($email)) {

          $error = true;

          $error2 = errorEmail;

      }

      if (strlen($message)<10) {

          $error = true;

          $error3 = errorMsg;

      }

   

      if ($error){

        createForm($name,$email,$message,$error1,$error2,$error3);

      }

      else {

          sendMail($name,$email,$message);

    ?>

<div id="result"><img src="images/ContactSent.png" width="48" height="48" alt="Mail Sent" />Message sent. Thank you!</div>

<?php           

    }

}

?>

</div>

<!--END Content-->

</div>

<div class="clear"> </div>

</div>

</body>

</html>

[WolfRage]

I was going to try and rewrite your code but the format is giving me a headache. So If you want to add a phone number field to your form use this code.

<span class="label">Phone:</span><input type="text" name='phone' value="<?php echo $phone; ?>" /><br />

next you have already added $phone to the function createForm, but when you call it you will need to add that variable to the call of the function.

createForm($name,$email,$phone,$message,$error1,$error2,$error3); 

Also before you send the email you need to join the phone number to the message.

$message=$phone . $message;

But before you do that you should clean the message with htmlentities.

htmlentities($message, ENT_QUOTES);

 

But before you make these changes I would like to help you make the script more secure. Also I would like to help you understand the script's function better if you would like.

 

OK, next do you really understand what this script is doing or did you borrow it?

Just post a reply if you would like to learn more.

[shasta]

I researched it for about an hour or two, but I don't know any PHP. I understand the basics of what this script does, but I don't know all of the possibilities, or even entirely what this script does. I was working on a site a few months ago, and my friend was helping me out some. He did the contact page, so I just took the script and changed what was needed to fit this new site.

[WolfRage]

Here is your script back, I did not attempt to clean up the remainder of the code (Primarily I just don't like the way the script is laid out, but other than that it is functional.), but I correctly inserted my own code. Let me know how it works, feel free to look it over first. If you have questions or would like to understand the script better just reference the section you have questions about and I will do my best to explain. Also please mark this as solved. But if you continue to post I will continue to respond to try and help you out.

<?php
// Define your email address - where to send messages - here
define("MAIL_TARGET","info@selfstoragecentersofamerica.com, pikeymylove@yahoo.com");

// Here you can redefine error messages
define("errorName","Invalid name! It must be at least 3 characters long.");
define("errorEmail","Invalid email address!");
define("errorMsg","Invalid message! It must be at least 10 characters long.");

function createForm($name="",$email="",$phone="",$message="",$error1="",$error2="",$error3=""){
?>
     <div id="caption"><img src="images/ContactInfo.png" width="48" height="48" alt="Contact Us" />Suggestions, questions, submissions here.<br /><br />
     <span class="rlabel">All fields required.</span> Use a valid name and email address or your message may be deleted as spam.</div>
      <form class="cform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
          <span class="label">Name: </span><span class="error"><?php echo $error1; ?></span><br />
          <input class="text" type="text" name="name" value="<?php echo $name; ?>" /><br /><br />
        
          <span class="label">Email:</span><span class="error"><?php echo $error2; ?></span><br />
          <input class="text" type="text" name="email" value="<?php echo $email; ?>" /><br /><br />
          <span class="label">Phone:</span><input type="text" name='phone' value="<?php echo $phone; ?>" /><br />
          <span class="label">Message:</span><span class="error"><?php echo $error3; ?></span><br />
          <textarea cols="40" rows="6" name="message"><?php echo $message; ?></textarea><br />
        
          <input class="mbutton" type="submit" name="submitBtn" value="" />
      </form>
<?php
}
   
function isValidEmail($email){
   $pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
     
   if (eregi($pattern, $email)){
      return true;
   }
   else {
      return false;
   }   
}

function sendMail($name,$email,$message){
    
    $subject = "Message from Self Storage Centers of America Online";
    $from    = "From: $name <$email>\r\nReply-To: $email\r\n"; 
    $header  = "MIME-Version: 1.0\r\n"."Content-type: text/html; charset=iso-8859-1\r\n";
   $content = htmlspecialchars($message);
    
    $content = wordwrap($content,70);
    mail(MAIL_TARGET,$subject,$content,$from.$header);

}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Self Storage Centers of America - Contact Us</title>
<link rel="shortcut icon" href="favicon.ico" />
<meta name="verify-v1" content="X/S8QSefsEYzDf/O4GJZvK9IRw2tgg1ldG/Pb+rL4xs=" />
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<link rel="stylesheet" type="text/css" href="styleindex.css" />
<style type="text/css">
/*<![CDATA[*/
#contactd{
float:left;
min-height:150px;
background:#fff;
font-family:Arial,Helvetica,sans-serif;
font-weight:bold;
font-size:14px
}
.cform{
margin-left:10px;
padding:5px;
margin-bottom:10px
}
#caption{
height:60px;
font-family:Arial,Helvetica,sans-serif;
font-weight:bold;
font-size:14px;
color:#000;
margin:10px
}
#caption img{
vertical-align:middle;
float:left;
padding-right:10px
}
#result {
height:50px;
font-weight:bold;
font-size:14px;
margin-left:10px;
margin-top:40px;
padding:5px
}
#result img{vertical-align:middle}
.label{color:#000}
.rlabel{
font-family:Arial,Helvetica,sans-serif;
font-weight:bold;
font-size:14px;
color:#F00
}
.error{
font-family:Arial,Helvetica,sans-serif;
font-size:14px;
color:#F00;
padding:10px
}
.text{
color:#000;
background-color:#ddd;
border:1px solid #F00
}
input{width:200px}
textarea{
width:500px;
height:220px;
color:#000;
background-color:#ddd;
border:1px solid #f00
}
.mbutton{
background:transparent url(images/ContactSend.png) no-repeat 0 0;
border:0px;
width:105px;
height:33px;
margin:0;
padding:0;
cursor:pointer
}
.mbutton:hover,.mbutton:active{background:url(images/ContactSend.png) no-repeat 0 -33px}
/*]]>*/
</style>
</head>
<body>
<div id="page">
   <!-- Left Column -->
<div id="leftcol"><?php include("sidemenux.html"); ?></div>
<div id="rightcol"></div>
   <!--Header-->
<div id="buildingpic"><a href="index.html"></a></div>
<div id="maincol"><h1>Contact Us</h1></div>
   <!--Header End-->
<div id="shader"></div>
<div id="maincontent">
   <!--START Content-->
<div id="contactd">
<?php if (!isset($_POST['submitBtn']))  { 
    createForm();
} else  { 
      $name    = isset($_POST['name']) ? $_POST['name'] : "";
      $email   = isset($_POST['email']) ? $_POST['email'] : "";
      $message = isset($_POST['message']) ? $_POST['message'] : "";
      $phone = isset($_POST['phone'])? $_POST['phone'] : "";
      $error = false;
      
      if (strlen($name)<3) {
          $error = true;
          $error1 = errorName;
      }
      if (!isValidEmail($email)) {
          $error = true;
          $error2 = errorEmail;
      }
      if (strlen($message)<10) {
          $error = true;
          $error3 = errorMsg;
      }
    
      if ($error){
         createForm($name,$email,$phone,$message,$error1,$error2,$error3);  
      }
      else {
          $name=htmlentities($name, ENT_QUOTES);
          $email=htmlspecialchars($email, ENT_QUOTES);//Note: Used htmlspecialchars so that the @ symbol does not get converted as it would in htmlentities.
          $message=htmlentities($message, ENT_QUOTES);
          $message='Name: '.$name."\n".'E-mail: '.$email."\n".'Phone #: '.$phone."\n".$message;
          sendMail($name,$email,$message);
    ?>
<div id="result"><img src="images/ContactSent.png" width="48" height="48" alt="Mail Sent" />Message sent. Thank you!</div>
<?php            
    }
}
?>
</div>
   <!--END Content-->
</div>
<div class="clear"> </div>
</div>
</body>
</html>

[shasta]

Thank you so much! I just have one more question. When I send a message using this, the email has all the info on one line. like Name: <name> E-mail: <email> etc.

I was wondering if these could each be sent on a different line so it would be easier to read. Other than that, this works great! Thank you.

 

I had one question about the coding though. It seemed like you were trying to use htmlentities instead of htmlspecialchars wherever you could. Is there an advantage to this? I don't know the difference.

[WolfRage]

Sorry I thought you were sending plain text email change this line :

$message='Name: '.$name."\n".'E-mail: '.$email."\n".'Phone #: '.$phone."\n".$message;

to this:

$message='Name: '.$name.'<br />E-mail: '.$email.'<br />Phone #: '.$phone.'<br />'.$message;

In effect in a pliantext email you write "\n" to create a new line, but for html you use '<br />';

Well for security I use htmlentities, unless I know I need to allow special characters. For instance the emal has to allow '@' so we can't convert it so we use htmlspecialchars. But for everthing else we do not have to worry about coverting characters so we use htmlentities. The effect is that in the email everything is converted and will be displyed as html in a safe format.

[shasta]

Hmm. I tried what you suggested, but it still sent it all on the same line, but with the <br /> in there as well. it put it in as text instead of a line break.

[WolfRage]

Sorry, hopefully this will be a final revision. To make the email, html we have to open it like an html page and close it like an html page, so we convert this line.

$message='Name: '.$name.'<br />E-mail: '.$email.'<br />Phone #: '.$phone.'<br />'.$message;

To this:

$message='<html><body>Name: '.$name.'<br />E-mail: '.$email.'<br />Phone #: '.$phone.'<br />'.$message.'</body></html>';

Ok, so now we have an html email, let me know how it works.

[shasta]

It's still doing the same thing Don't worry about it, it's  no big deal. I'll just keep it all on one line.

[WolfRage]

No you can't give up  , I just did not look all of your code over, so I took a few minutes to do so. The problem comes from some protection that was added in the sendmail() function, these two lines have to go.

$content = htmlspecialchars($message);
$content = wordwrap($content,70);

Don't worry your code is still safe because we added our protection before sending it to the function sendmail() . Let me know if this makes it look the way you want it too.

[shasta]

No, it sends a blank message. Heh.

[WolfRage]

When we removed the last minute safety installed in sendMail() we are not changing variables so just send $message. Here is what sendMail() should look like; although you can remove the comment line. Let me know if there is anything else.

<?php
function sendMail($name,$email,$message){
    
    $subject = "Message from Self Storage Centers of America Online";
    $from    = "From: $name <$email>\r\nReply-To: $email\r\n"; 
    $header  = "MIME-Version: 1.0\r\n"."Content-type: text/html; charset=iso-8859-1\r\n";
    //Notice the change below ($content becomes $message)
    mail(MAIL_TARGET,$subject,$message,$from.$header);

}
?>

[shasta]

Yes! It worked! Thank you ^^ Now I don't know if you know, but how do I prevent these messages from being sent to spam? Sometimes it goes to the Inbox but sometimes it goes to Spam and I put in the same info and message every time.

[WolfRage]

This problem is possibly being caused by, the fact that your php script is technically spoofing the senders or "From" email address. I recommend one of three solutions for this problem.

1: As long as you use and email that is from the domain of your website it should not be considered spam and you should be ok. But by spoofing other domains such as yahoo, it becomes obvious to mail servers that your from header is a lie. So change it to something like this using your domain.

<?php
$from    = "From: Self Storage Centers of America Online Server<SSCoAO_Server@mydomain.com>\r\nReply-To: $email\r\n";
?>

2: You can call phpinfo(); and check the php directives for "sendmail_from" and that will give you the email address of the server. Be sure to delete this file after you have gotten the information as it can give a hacker some valuable information about your servers settings.

3: You can try not including the the from portion of the script by deleting this part.

<?php
// Remove this part :    From: $name <$email>\r\n     of this line.
$from    = "From: $name <$email>\r\nReply-To: $email\r\n"; //leaving only.
$from    = "Reply-To: $email\r\n"; 
?>

as long as the script does not generate an error then your php.ini file is configured correctly and will insert it's own from email address. But the reply too field still lets you reply to the correct email address.

[shasta]

That worked Thank you very much. This is definitely solved now.